Exam NSE7_EFW-7.2 Topic 1 Question 20 Discussion

Actual exam question for Fortinet's NSE7_EFW-7.2 exam
Question #: 20
Topic #: 1
Exhibit.

Refer to the exhibit, which contains an active-active toad balancing scenario.
During the traffic flow the primary FortiGate forwards the SYN packet to the secondary FortiGate.
What is the destination MAC address or addresses when packets are forwarded from the primary FortiGate to the secondary FortiGate?

Suggested Answer: B Vote an answer

The destination MAC address when packets are forwarded from the primary FortiGate to the secondary FortiGate is the secondary virtual MAC port1. This is because the primary FortiGate uses the virtual MAC address of the secondary FortiGate as the destination MAC address for the SYN packet. The virtual MAC address is derived from the HA group ID and the interface ID, and it is unique for each HA cluster member and interface. The virtual MAC address enables the secondary FortiGate to receive the SYN packet without ARP resolution. Reference: You can find more information about active-active load balancing and virtual MAC address in the following Fortinet Enterprise Firewall 7.2 documents:
Virtual server load balance
NP session offloading in HA active-active configuration
Technical Tip: How to enable TCP load balance in HA with active-active mode

by Ian at Jan 22, 2024, 12:36 PM

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

Contact Us

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Our Working Time: ( GMT 0:00-15:00 ) From Monday to Saturday

Support: Contact now 

日本語 Deutsch 繁体中文 한국어